I believe that CIS is the best free firewall (and even than many fee) was born after the “end” of Sygate Personal Firewall (acquired by Trend Micro and inserted in his suite for a fee).
One thing I do not like: when a progemamm try to accesss internet is provided the IP address instead of hostname
One thing to say:
The program APP.EXE is trying to connect to 100.23.45.67 (random numbers)
another is to say:
the program APP.EXE is trying to connect to www.nomehost.com (etc)
Do you not believe it would be a great improvement?
in my eyes you dont get much, if you know the site name of these some connections that go to a site
Even if you don’t get hostname for every IP, it would be much better than the current state. Minor number of IPs you are alerted about belong to hackers. Then you can focus only on the few IPs that do not have hostname, and look them up via whois.
The reason why CIS does show IPs instead of hostnames might be historical. Hostname lookup used to be slow (and maybe still is).
the thing is, why should i care about unrequested ingoing traffic? (just block)
why should one program connect itself with “allowed OUTgoing” to a hacker or a wrong ip? how does it know this adress?
what scenario needs to know who the owner of the ip is? is it more than 0,1%? is the name telling you: this is an evil hacker, dont connect? sure not. maybe its called MICR0S0FT in the fifth question… do you see it?
allow the application to connect to its update server
otherwise alert
If I get the alert, the most likely reason is that the IP of the update server has changed, or that the application uses several update servers. It would help much if CIS itself told me what the hostname for the new IP is. Otherwise I have to look it up manually in order to decide whether to allow the communication or not.
When a program accesses to Internet, CIS asks whether to allow the request. I want to know where it connects and numbers are not the best, otherwise we might as well set the firewall on the PC CLEAN
